Hi, I was recently messing around with another scanner and I found an injection I'd like to play around with in Sqlmap.
The injection found is a POST to something.asp and its " action=login&login=whatever'=sleep(15)='&password= ". I verified it manually and its good to go, however I've not yet been able to get SQLmap to detect and exploit it. I've been messing with --prefix and --suffix but I cant get any joy. Any ideas on this boys? Thanks in advance, James ------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
